WNF Code Execution Library Using C#
☆110May 18, 2020Updated 5 years ago
Alternatives and similar repositories for wnfexec
Users that are interested in wnfexec are comparing it to the libraries listed below
Sorting:
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Nov 21, 2022Updated 3 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆515Feb 1, 2024Updated 2 years ago
- Some of my custom "tools".☆28Feb 21, 2022Updated 4 years ago
- ☆246Dec 16, 2022Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- ☆166Nov 6, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆676Dec 23, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆385Apr 16, 2022Updated 3 years ago
- Tools and PoCs for Windows syscall investigation.☆368Dec 2, 2025Updated 2 months ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Bypass Malware Time Delays☆107Sep 23, 2022Updated 3 years ago
- ☆52Apr 1, 2022Updated 3 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- ☆208Feb 24, 2022Updated 4 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Nim version of MDSec's Parallel Syscall PoC☆123Jan 14, 2022Updated 4 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- A Bumblebee-inspired Crypter☆79Dec 5, 2022Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆429Jul 22, 2022Updated 3 years ago
- Patch AMSI and ETW☆249May 8, 2024Updated last year
- grim reaper c2☆347Nov 19, 2022Updated 3 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- Do some DLL SideLoading magic☆89Sep 20, 2023Updated 2 years ago
- Coerce Windows machines auth via MS-EVEN☆172Jan 17, 2024Updated 2 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago